In this paper we report on new techniques for verifying content-addressable
memories (CAMs), and demonstrate that these techniques work well for large
industrial designs. It was shown in [Formal verification of PowerPC(TM) arrays
using symbolic trajectory evaluation], that the formal verification technique of
symbolic trajectory evaluation (STE) could be used successfully on memory arrays.
We have extended that work to verify what are perhaps the most combinatorially
difficult class of memory arrays, ...
For verifying complex sequential blocks such as microprocessor embedded arrays,
the formal method of symbolic trajectory evaluation (STE) has achieved great
success in the past [[3], [5], [6]]. Past STE methodology for arrays requires
manual creation of "assertions" to which both the RTL view and the actual design
should be equivalent. In this paper, we describe a novel method to automate the
assertion creation process which improves the efficiency and the quality of array v
Generalized Symbolic Trajectory Evaluation (GSTE) [17, 18, 19] is a very
significant extension of STE that has the power to verify all co-regular properties
but at the same time preserves the benefits of the original STE [16]. It also
extends the symbolic quaternary model used by STE to support seamless model 
refinement for efficiency and accuracy trade-off in GSTE model checking. In this 
paper, we present a case study on FIFO verification to illustrate the strength of 
GSTE and demonstrate ... 
One method of handling the computational complexity of the verification process is
to combine the strengths of different approaches. We propose a hybrid verification 
technology combining symbolic trajectory evaluation with either symbolic model 
checking or SAT-based model checking. This reduces significantly the cost (both 
human and computing) of verifying circuits with complex initialisation, as well as 
simplifying proof development by enhancing verification productivity. The approach 
has been ... 

Keywords: hybrid verification, symbolic model checking, symbolic trajectory 
In recent years, formal methods have emerged as an alternative approach to
ensuring the quality and correctness of hardware designs, overcoming some of the 
limitations of traditional validation techniques such as simulation and testing. There 
are two main aspects to the application of formal methods in a design process: the 
formal framework used to specify desired properties of a design and the verification 
techniques and tools used to reason about the relationship between a spec ... 

Keywords: case studies, formal methods, formal verification, hardware 
verification, language containment, model checking, survey, theorem proving
Formal property verification has been an effective complement to pre-silicon
validation of several Intel Pentium 4 CPU designs at Intel Corporation. The principal 
objective of this program has been to prove design correctness rather than hunt for 
bugs. In the process, we have evolved our tools and methodology and are now 
applying FPV techniques to protocol level properties. Moving forward, new 
technologies such as GSTE and SAT offer the potential to significantly increase the 
scope of what can b ... 

Design validation for embedded arrays remains as a challenging problem in today's 
microprocessor design environment. At Somerset, validation of array designs relies 
on both formal verification and vector simulation. Although several methods for 
array design validation have been proposed and had great success [Ganguly et al. 
1996; Pandey et al. 1996, 1997; Wang and Abadir 1997], little evidence has been 
reported for the effectiveness of these methods with respect to the detection of 
design e ... 

Keywords: ATPG, assertion test generation, design error model, logic verification, 
A 1.75 MByte L2 cache has been designed and fabricated as part of the Alpha
21364 microprocessor [1] (Figure 1), in a .18µm bulk CMOS process. The cache was
designed to run at 1.2 GHz, and pass-1 samples confirm this. While Alpha CPUs are 
known primarily for high speed, the combination of package constraints and a tight 
schedule forced careful attention to the integrated whole of power expenditure and 
the interaction of CAD with design. The cache consumes only 7% of total die 
power. 
Contemporary microprocessors implement many iterative algorithms. For example,
the front-end of a microprocessor repeatedly fetches and decodes instructions while 
updating internal state such as the program counter; floating-point circuits perform 
divide and square root computations iteratively. Iterative algorithms often have 
complex implementations because of performance optimizations like result 
speculation, re-timing and circuit redundancies. Verifying these iterative circuits a 
Many modern systems are designed as a set of interconnected reactive subsystems.
The subsystem verification task is to verify an implementation of the subsystem
against the simple deterministic high-level specification of the entire system. Our
verification methodology, based on Symbolic Trajectory Evaluation, is able to bridge
the wide gap between the abstract specification and the implementation specific
details of the subsystem. This paper presents a detailed description of an industrial
application ...
Although several methods for array design validation have been proposed and had
great success in the past, little evidence has been reported for the effectiveness of 
these methods with respect to the detection of design errors. In this paper, we 
propose a new way of measuring the effectiveness of different validation 
approaches based on automatic design error injection and simulation. This 
technique provides a systematic way for the evaluation of the quality of various 
validation approaches. Exp ... 

Keywords: Design Error Models, Design Validation, Verification 
We describe the verification of the IM: a large, complex (12,000 gates and 1100
latches) circuit that detects and marks the boundaries between Intel architecture
(IA-32) instructions. We verified a gate-level model of the IM against an
implementation-independent specification of IA-32 instruction lengths. We used
theorem proving to derive 56 model-checking runs and to verify that the
model-checking runs imply that the IM meets the specification for all
possible sequences of IA-32 instructions. Our v ...
Floating-point circuits are notoriously difficult to design and verify. For verification,
simulation barely offers adequate coverage, conventional model-checking 
techniques are infeasible, and theorem-proving based verification is not sufficiently 
mature. In this paper we present the formal verification of a radix-eight, pipelined, 
IEEE double-precision floating-point multiplier. The verification was carried out 
using a mixture of model-checking and theorem-proving techniques in the Voss 
hardwar ... 

Keywords: Hardware verification, floating-point arithmetic, ANSI/IEEE Std
Parametric representations used for symbolic simulation of circuits usually use
BDDs. After a few steps of symbolic simulation, state set representation is 
converted from one parametric representation to another smaller representation, in 
a process called reparameterization. For large circuits, the reparametrization step 
often results in a blowup of BDDs and is expensive due to a large number of 
quantifications of input variables involved. Efficient SAT solvers have been applied 
successfully for ... 

Keywords: SAT checkers, bounded model checking, parametric representation, 
safety property checking, symbolic simulation 
We present the formal verification of the floating-point multiplier in the Intel IA-32
Pentium microprocessor. The verification is based on a combination of
theorem-proving and BDD based model-checking tasks performed in a unified 
hardware verification environment. The tasks are tightly integrated to accomplish 
complete verification of the multiplier hardware coupled with the rounder logic. The 
or its variants.
In this paper we introduce a novel concept that can be used for augmenting
simulation based verification at the Register Transfer Level (RTL). In this technique 
the designer of an RTL circuit introduces some well understood extra behavior 
(through some extra circuitry) into the circuit under verification. This can be 
termed as design for verification. During RTL simulation this extra behavior is 
utilized in conjunction with the original behavior to exercise the design more 
thoroughly thus making ...
Based on our experience with modelling and verifying microarchitectural designs
within Haskell, this paper examines our use of Haskell as host for an embedded
language. In particular, we highlight our use of Haskell's lazy lists, type classes,
lazy state monad, and unsafePerformIO, and point to several areas where Haskell
could be improved in the future. We end with an example of a benefit gained by
bringing the functional perspective to microarchitectural modelling.
model checker for statecharts
October 1993 Proceedings of the 1993 conference of the Centre for Advanced
Computer-Aided Software Engineering (CASE) tools encourage users to codify the
requirements for the design of a system early in the development process. They 
often use graphical formalisms, simulation, and prototyping to help express ideas 
concisely and unambiguously. Some tools provide little more than syntax checking 
but others can test the model for reachability of conditions, nondeterminism, or 
deadlock. In this paper, we present an example of how commercial CASE tools can 
be linked with for ... 
Symbolic simulation is widely used in logic verification. Previous approaches based
on BDDs suffer from space outs, while SAT-based approaches have been found
fairly robust. We propose a SAT-based symbolic simulation algorithm using a
noncanonical two-input AND/INVERTER graph representation and on-the-fly
reduction algorithm on such a graph representation. Unlike previous approaches
where circuit is explicitly unrolled, we propagate the symbolic values represented
using the simplified AND/INVERT ...
Symbolic simulation is a formal verification technique which combines the flexibility
of conventional simulation with powerful symbolic methods. Some constructs, 
however, which are easy to handle in conventional simulation need special 
consideration in symbolic simulation. This paper discusses some special constructs 
that require unique treatment in symbolic simulation such as the symbolic
representation of arrays, an efficient This paper discusses some special constructs 
that are unique to symb ... 

Keywords: formal verification, symbolic simulation 



25 Reliable verification using symbolic simulation with scalar values
Chris Wilson, David L. Dill 

June 2000 Proceedings of the 37th conference on Design automation 

This paper presents an algorithm for hardware verification that uses simulation and 
satisfiability checking techniques to determine the correctness of a symbolic test
case on a circuit. The goal is to have coverage greater than that of random testing, 
but with the ease of use and predictability of directed testing. The user uses 
symbolic variables in simple directed tests to increase the input space that is 
explored. The algorithm, which is called quasi-symbolic simulation, ... 
In order to overcome the limitations of automated tools and the cumbersome proof
process of interactive theorem proving, we adopt a hybrid approach for formal 
hardware verification which uses the strengths of theorem proving (HOL) with 
powerful mathematical tools such as induction and abstraction, and the advantages 
of automated tools (MDG) which support equivalence checking and model checking. 
The MDG system is a decision diagram based verification tool, primarily designed 
for hardware ... 
Ordered Binary-Decision Diagrams (OBDDs) represent Boolean functions as
directed acyclic graphs. They form a canonical representation, making testing of
functional properties such as satisfiability and equivalence straightforward. A 
number of operations on Boolean functions can be implemented as graph 
algorithms on OBDD data structures. Using OBDDs, a wide variety of problems can 
be solved through symbolic analysis. First, the possible variations in system 
parameters and op ... 
This paper presents a functional-space decomposition approach to enhance the
capability of symbolic simulation. In our symbolic simulator, the control part and
data path of a circuit are separated, and their simulated results are recorded in
different domains. A 2-tuple list structure is used to separate the results in the 
control and datapath domains. Then, the functional sub-space in the control domain 
can further be decomposed in order to achieve the optimal OBDD size and run 
time. We demonstr ... 
Computer-Aided Design (ICCAD'03) - Volume GO

Generalized symbolic trajectory evaluation (GSTE) is a powerful, new method for
formal verification that combines the industrially-proven scalability and capacity of
classical symbolic trajectory evaluation with the expressive power of temporal-logic
model checking. GSTE was originally developed at Intel and has been used
successfully on Intel's next-generation microprocessors. However, the supporting
algorithms and tools for GSTE are still relatively immature. GSTE specifications are
given as assertion ...